Medido el 2026-07-11 · DNS público

¿Está us.hsbc.com protegido contra la suplantación de correo?

No — us.hsbc.com no tiene política DMARC y puede ser suplantado.

Postura sin cambios desde el 2026-06-19

Más protegido que el 0 % de bancos en Estados Unidos

El 80 % del sector ya aplica p=reject

Ver el barómetro sectorial

F

DMARC

ausente

SPF

~all

DKIM

ninguno encontrado

Cómo corregirlo

Thomas, tu CISO virtual con IA, identifica cada fuente, escribe el DNS exacto y lleva tu dominio de p=none a p=reject con total seguridad.

Qué significa esto

  • Aucun enregistrement DMARC publié (_dmarc.<domaine>). Les destinataires n'ont aucune politique à appliquer.
  • SPF se termine par ~all (softfail) : acceptable en phase d’observation, viser -all à terme.
  • Aucune clé DKIM trouvée sur les sélecteurs courants (le domaine peut utiliser des sélecteurs non standards).

Historial

  • 2026-06-26Primera mediciónSin DMARC

Sobre HSBC Bank USA

HSBC Bank USA, the American subsidiary of HSBC Holdings plc, operates through the domain us.hsbc.com as a major banking service serving retail and corporate clients across the United States. As an international financial institution, HSBC Bank USA manages a critical email perimeter encompassing communications with employees distributed across multiple countries, digital services for customers, official correspondence with regulators and financial partners, as well as transactional notifications linked to bank accounts. Securing the us.hsbc.com domain carries strategic significance, as financial institutions represent prime targets for identity spoofing attacks aimed at compromising sensitive customer data or perpetrating fraud schemes. The banking sector must comply with stringent regulatory frameworks including sectoral cybersecurity directives, and as an international group, HSBC is subject to enhanced security obligations according to the jurisdictions in which it operates. The implementation of robust DMARC, SPF, and DKIM protocols on us.hsbc.com constitutes a fundamental component of the strategy against phishing and domain spoofing attacks, ensuring the authenticity of communications issued from this domain. For an entity of this scale, mastering email infrastructure and validating each message through strong authentication mechanisms represents not only a compliance obligation but also an imperative for client trust and preservation of institutional reputation in a context where email-based banking fraud remains a persistent threat.

En este sector